| Windows系统API函数拦截技术研究 |
| |
| 引用本文: | 王远.Windows系统API函数拦截技术研究[J].微计算机信息,2006,22(30):224-226. |
| |
| 作者姓名: | 王远 |
| |
| 作者单位: | 450004,郑州,信息工程大学电子技术学院 |
| |
| 摘 要: | API函数拦截是指通过特定的方法中断API函数的调用,转而执行用户的功能代码的一种行为。该技术由代码加载和用户代码组成。文中首先详细讨论了Windows系统中三种代码加载技术:Hook(钩子)、使用动态链接库的远线程插入和使用代码段的远线程插入。同时对这三种技术的优缺点进行了分析,给出了它们各自的应用场合。最后给出了一种函数拦截系统的设计和实现。
|
| 关 键 词: | API函数 函数拦截 远线程插入 |
| 文章编号: | 1008-0570(2006)10-3-0224-03 |
| 修稿时间: | 2005年12月14 |
Research of Technology of Intercepting API calls in Windows |
| |
| Wang Yuan.Research of Technology of Intercepting API calls in Windows[J].Control & Automation,2006,22(30):224-226. |
| |
| Authors: | Wang Yuan |
| |
| Abstract: | Intercepting API calls means a way of alter the original API execution to the code supplied by the user. This technology consists of loader and code. Firstly, This paper discussed three mean used to load the code in detail including hook, create remote thread with DLL and create remote thread with pieces of code. At the same time their advantage and disadvantage are analyzed. Fi- nally, it designs a system of intercepting API calls that is composed by loader and code. |
| |
| Keywords: | API intercept API calls createremotethread |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
